Majority of the devices in the Internet of Things (IoT) are deployed in an environment that is susceptible to cyber-attacks. Due to the resource-constraint nature of IoT, it is very hard to meet the security challenges that arise due to the deployment of IoT devices in the unsecure environment. In this context, the authentication of IoT devices is one of the core challenges. Many protocols have been designed to address and overcome the security issues that stem from the authentication failure. However, many of these protocols are designed using the complex cryptographic techniques that may not be supported by IoT devices. In this paper, we propose a lightweight and secure mutual authentication scheme for resource constraint IoT devices. The proposed scheme is robust against cyber-attacks, such as impersonation, modification, session key disclosure, and eavesdropping attacks. The security of the proposed scheme is formally tested using the Automated Validation of Internet Security Protocols and Applications tool and found the scheme to be secure in the Dolev-Yao attack model. Moreover, the performance features such as communication overhead, computation time, and the turnaround time of the proposed scheme are evaluated and compared with the recent schemes of same category, where the proposed scheme shows a balance of performance without compromising the security features.
For the last few years, academia and research organizations are continuously investigating and resolving the security and privacy issues of mobile cloud computing environment. The additional consideration in designing security services for mobile cloud computing environment should be the resource-constrained mobile devices. The execution of computationally intensive security services on mobile device consumes battery's charging quickly. In this regard, the study presents a novel energy-efficient block-based sharing scheme that provides confidentiality and integrity services for mobile users in the cloud environment. The block-based sharing scheme is compared with the existing schemes on the basis of energy consumption, CPU utilization, memory utilization, encryption time, decryption time, and turnaround time. The experimen-123 Data security in mobile cloud environment 947 tal results show that the block-based sharing scheme consumes less energy, reduces the resources utilization, improves response time, and provides better security services to the mobile users in the presence of fully untrusted cloud server(s) as compared to the existing security schemes.
Summary
To provide reliable data storage and retrieval services to the end users, the cloud service provider implements secure data storage, sharing, and retrieval mechanisms. However, the aforesaid services provided by cloud have certain pitfalls, such as decision latency and real‐time data computation. To address these aforementioned problems, fog computing was introduced for the purpose of providing cloud services at the network's edge. While this migration of the cloud services to the network's edge raises various security concerns, such as trust, authentication, mobility, intrusion, network security, and secure data computation. Among these concerns, the most critical issues that need immediate attention of researchers and practitioners are of privacy and access control in fog computing which are in direct relation to secure data storage and retrieval purposes. So, in order to highlight their importance for research community, this survey embodies to discuss, explain, and compare various privacy preserving and access control schemes in the context of fog computing for classifying and analyzing similarities and variances with respect to other researchers. Moreover, upon classification and analysis of these schemes, various open issues and future directions are also presented for researchers and practitioners for the purpose of enhancing security algorithms to address privacy and access control issues in fog computing.
Cloud computing is an emerging computing paradigm that offers on-demand, flexible, and elastic computational and storage services for the end-users. The small and medium-sized business organization having limited budget can enjoy the scalable services of the cloud. However, the migration of the organizational data on the cloud raises security and privacy issues. To keep the data confidential, the data should be encrypted using such cryptography method that provides fine-grained and efficient access for uploaded data without affecting the scalability of the system. In mobile cloud computing environment, the selected scheme should be computationally secure and must have capability for offloading computational intensive security operations on the cloud in a trusted mode due to the resource constraint mobile devices. The existing manager-based re-encryption and cloud-based re-encryption schemes are computationally secured and capable to offload the computationally intensive data access operations on the trusted entity/cloud. Despite the offloading of the data access operations in manager-based reencryption and cloud-based re-encryption schemes, the mobile user still performs computationally intensive paring-based encryption and decryption operations using limited capabilities of mobile device. In this paper, we proposed Cloud-Manager-based Reencryption Scheme (CMReS) that combines the characteristics of manager-based re-encryption and cloudbased re-encryption for providing the better security services with minimum processing burden on the mobile device. The experimental results indicate that the proposed cloud-manager-based re-encryption scheme shows significant improvement in turnaround time, energy consumption, and resources utilization on the mobile device as compared to existing reencryption schemes.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.